mirror of
https://github.com/retspen/webvirtcloud
synced 2025-01-12 08:25:18 +00:00
Added Technicians group
This commit is contained in:
Info-IIG
parent
c817d3e61a
commit
de2dce7573
3 changed files with 45 additions and 11 deletions
15
admin/migrations/0003_create_group_technicians.py
Normal file
15
admin/migrations/0003_create_group_technicians.py
Normal file
|
|
@ -0,0 +1,15 @@
|
||||||
|
from django.db import models, migrations
|
||||||
|
|
||||||
|
def apply_migration(apps, schema_editor):
|
||||||
|
Group = apps.get_model('auth', 'Group')
|
||||||
|
Group.objects.create(name='Technicians')
|
||||||
|
|
||||||
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
|
dependencies = [
|
||||||
|
('admin', '0002_auto_20200609_0830'),
|
||||||
|
]
|
||||||
|
|
||||||
|
operations = [
|
||||||
|
migrations.RunPython(apply_migration)
|
||||||
|
]
|
||||||
|
|
@ -1,5 +1,5 @@
|
||||||
from django.contrib.auth.backends import ModelBackend
|
from django.contrib.auth.backends import ModelBackend
|
||||||
from django.contrib.auth.models import User
|
from django.contrib.auth.models import User, Group
|
||||||
from django.conf import settings
|
from django.conf import settings
|
||||||
from accounts.models import UserAttributes, UserInstance, UserSSHKey
|
from accounts.models import UserAttributes, UserInstance, UserSSHKey
|
||||||
from django.contrib.auth.models import Permission
|
from django.contrib.auth.models import Permission
|
||||||
|
|
@ -44,21 +44,36 @@ try:
|
||||||
# Get the user information from the LDAP if he can be authenticated
|
# Get the user information from the LDAP if he can be authenticated
|
||||||
isAdmin = False
|
isAdmin = False
|
||||||
isStaff = False
|
isStaff = False
|
||||||
|
isTechnician = False
|
||||||
|
|
||||||
if self.get_LDAP_user(username, password, settings.LDAP_SEARCH_GROUP_FILTER_ADMINS) is None:
|
if self.get_LDAP_user(username, password, settings.LDAP_SEARCH_GROUP_FILTER_ADMINS) is None:
|
||||||
if self.get_LDAP_user(username, password, settings.LDAP_SEARCH_GROUP_FILTER_STAFF) is None:
|
if self.get_LDAP_user(username, password, settings.LDAP_SEARCH_GROUP_FILTER_STAFF) is None:
|
||||||
if self.get_LDAP_user(username, password, settings.LDAP_SEARCH_GROUP_FILTER_USERS) is None:
|
if self.get_LDAP_user(username, password, settings.LDAP_SEARCH_GROUP_FILTER_TECHNICIANS) is None:
|
||||||
print("User does not belong to any search group. Check LDAP_SEARCH_GROUP_FILTER in settings.")
|
if self.get_LDAP_user(username, password, settings.LDAP_SEARCH_GROUP_FILTER_USERS) is None:
|
||||||
return None
|
print("User does not belong to any search group. Check LDAP_SEARCH_GROUP_FILTER in settings.")
|
||||||
else:
|
return None
|
||||||
isStaff = True
|
else:
|
||||||
|
isTechnician = True
|
||||||
|
else:
|
||||||
|
isStaff = True
|
||||||
else:
|
else:
|
||||||
isAdmin = True
|
isAdmin = True
|
||||||
isStaff = True
|
isStaff = True
|
||||||
|
|
||||||
|
techniciansGroup = Group.objects.get(name='Technicians')
|
||||||
|
|
||||||
try:
|
try:
|
||||||
user = User.objects.get(username=username)
|
user = User.objects.get(username=username)
|
||||||
attributes = UserAttributes.objects.get(user=user)
|
attributes = UserAttributes.objects.get(user=user)
|
||||||
|
user.is_staff = isStaff
|
||||||
|
user.is_superuser = isAdmin
|
||||||
|
if isTechnician is False and user.groups.filter(name='Technicians').exists():
|
||||||
|
user.groups.remove(techniciansGroup)
|
||||||
|
elif isTechnician is True and user.groups.filter(name='Technicians').exists() is False:
|
||||||
|
user.groups.add(techniciansGroup)
|
||||||
|
else:
|
||||||
|
print("The user is already in the Technicians group")
|
||||||
|
user.save()
|
||||||
# TODO VERIFY
|
# TODO VERIFY
|
||||||
except User.DoesNotExist:
|
except User.DoesNotExist:
|
||||||
print("authenticate-create new user: {}".format(username))
|
print("authenticate-create new user: {}".format(username))
|
||||||
|
|
@ -68,6 +83,8 @@ try:
|
||||||
user.is_superuser = isAdmin
|
user.is_superuser = isAdmin
|
||||||
user.set_password(uuid.uuid4().hex)
|
user.set_password(uuid.uuid4().hex)
|
||||||
user.save()
|
user.save()
|
||||||
|
if isTechnician is True:
|
||||||
|
user.groups.add(techniciansGroup)
|
||||||
maxInstances = 1
|
maxInstances = 1
|
||||||
maxCpus = 1
|
maxCpus = 1
|
||||||
maxMemory = 128
|
maxMemory = 128
|
||||||
|
|
|
||||||
|
|
@ -269,10 +269,12 @@ LDAP_ROOT_DN = ''
|
||||||
## Queries to identify the users, i use groupOfUniqueNames on openldap
|
## Queries to identify the users, i use groupOfUniqueNames on openldap
|
||||||
|
|
||||||
### PLEASE BE SURE memberOf overlay is activated on slapd
|
### PLEASE BE SURE memberOf overlay is activated on slapd
|
||||||
## e.g. memberOf=cn=admins,cn=staff,cn=webvirtcloud,ou=groups,dc=kendar,dc=org
|
## e.g. memberOf=cn=admins,cn=staff,cn=technicians,cn=webvirtcloud,ou=groups,dc=kendar,dc=org
|
||||||
LDAP_SEARCH_GROUP_FILTER_ADMINS = ''
|
LDAP_SEARCH_GROUP_FILTER_ADMINS = ''
|
||||||
## e.g. memberOf=cn=staff,cn=webvirtcloud,ou=groups,dc=kendar,dc=org
|
## e.g. memberOf=cn=staff,cn=technicians,cn=webvirtcloud,ou=groups,dc=kendar,dc=org
|
||||||
LDAP_SEARCH_GROUP_FILTER_STAFF = ''
|
LDAP_SEARCH_GROUP_FILTER_STAFF = ''
|
||||||
|
## e.g. memberOf=cn=technicians,cn=webvirtcloud,ou=groups,dc=kendar,dc=org
|
||||||
|
LDAP_SEARCH_GROUP_FILTER_TECHNICIANS = ''
|
||||||
## e.g. memberOf=cn=webvirtcloud,ou=groups,dc=kendar,dc=org
|
## e.g. memberOf=cn=webvirtcloud,ou=groups,dc=kendar,dc=org
|
||||||
LDAP_SEARCH_GROUP_FILTER_USERS = ''
|
LDAP_SEARCH_GROUP_FILTER_USERS = ''
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue